On Oct 28, 2010, at 5:06 AM, Rémi Després wrote: >> As long as consumers and security experts continue demanding v4-style >> (stateful) NAT in IPv6 efforts to kill it and/or proclaim it dead are >> greatly exaggerated, at best. > > I agree that, if a NAT66 is combined with a FW, stateful NAT66 seems more > logical than stateless.
The (relatively) "nice" feature about NAT66 (from the point of view of applications) is that the mapping between internal-external addresses is stateless. It means that apps dealing with such a beast would not have to worry about having to recover from the NAT killing their associations, and having to refind and resync with their peers. That doesn't mean that a combined NAT/FW would have to be stateless. (Though in practice I have to wonder how many apps would find it useful to special-case NAT66 handling. Probably most would not do so unless the vast majority of NATs found within v6 were NAT66. But apps built to tolerate NAT in general would likely perform better in the presence of only NAT66 than with arbitrary NAT.) Keith
_______________________________________________ nat66 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nat66
